Changes

70 bytes removed ,  13:31, 9 April 2011
Line 3: Line 3:  
3DSのセーブデータはゲームカートにまさにDSのそれと同じように保存されています。
 
3DSのセーブデータはゲームカートにまさにDSのそれと同じように保存されています。
 
DSではこのようなセーブデータはそのまま保存されていましたが、3DSにおいては暗号化して保存する仕組みが加わりました。
 
DSではこのようなセーブデータはそのまま保存されていましたが、3DSにおいては暗号化して保存する仕組みが加わりました。
これはとても に似ています。
+
これはとてもストリームの暗号化に似ています。排他的論理和を取ることによって、セーブデータの復号鍵が
   This is highly likely a streamcipher, as the contents of several savegames exhibit the odd behaviour that xor-ing certain parts of the savegame together will result in the plaintext appearing.
+
得られます。
 
+
   The reason this works is because the streamcipher used has a period of 512 bytes. That is to say, it will repeat the same keystream after 512 bytes. The way you encrypt with a streamcipher is you XOR your data with the keystream as it is produced. Unfortunately, if your streamcipher repeats and you are encrypting a known plaintext (in our case, zeroes) you are basically giving away your valuable keystream.
The reason this works is because the streamcipher used has a period of 512 bytes. That is to say, it will repeat the same keystream after 512 bytes. The way you encrypt with a streamcipher is you XOR your data with the keystream as it is produced. Unfortunately, if your streamcipher repeats and you are encrypting a known plaintext (in our case, zeroes) you are basically giving away your valuable keystream.
      
So how do you use this to decrypt a savegame on a 3DS? First off, you chunk up the savegame into 512 byte chunks. Then, you bin these chunks by their contents, discarding any that contain only FF. Now look for the most common chunk. This is your keystream. Now XOR the keystream with your original savegame and you should have a fully decrypted savegame. XOR with the keystream again to produce an encrypted savegame.
 
So how do you use this to decrypt a savegame on a 3DS? First off, you chunk up the savegame into 512 byte chunks. Then, you bin these chunks by their contents, discarding any that contain only FF. Now look for the most common chunk. This is your keystream. Now XOR the keystream with your original savegame and you should have a fully decrypted savegame. XOR with the keystream again to produce an encrypted savegame.
405

edits